At the Black Hat hacker conference being held in Las Vegas this week, security experts revealed that games consoles could be the latest weapon for information warfare.

Yesterday a pair of white hat hackers demonstrated how to turn a Sega Dreamcast into a bug that can be dropped inconspicuously onto a corporate network. It worked on the premise that firewalls are more lenient with outbound connections than with inbound ones.

Aaron Higbee of Foundstone and Chris Davis of RedSiren have developed a custom Linux-based toolkit that can be run on a Dreamcast which, once plugged into an ethernet port, will 'phone home', joining an organisation's internal network with the hacker's network.

On the development site for the DC Phone Home toolkit, the hackers claim "to show that this type of attack can be performed easily with a variety of available hardware and software and in such a way that is not easily discovered by an organisation's employees or security resources".

According to a report from SecurityFocus, during their presentation at Black Hat yesterday Higbee and Davis said that, when performing penetration tests, they often found themselves able to get physical access to the target's facilities for a few minutes.

The reason they chose the Dreamcast was because it is innocuous - "it looks like a toy," they were quoted as saying.

The now-defunct games console also makes the perfect attack tool because it can be picked up for around £50, and comes complete with an ethernet port.

The DC Phone Home software checks all available services such as HTTP, SMTP and SSH in a bid to make an outbound connection. It even checks for proxy servers hooked up to the network.

By way of a defence against such attacks, Higbee and Davis suggested allowing only network connections from pre-assigned MAC addresses, along with the obvious tightening-up on physical security.

Other techniques that could be used in the phone home attack include software for the Compaq iPAQ and a bootable x86 CD-Rom which can perform the attack using any available PC.

The homepage for DC Phone Home is here. The software is expected to be published for download shortly.